Digital signatures have been growing in popularity. With a computer user a computer mouse can be used as a pen to write a digitizable signature. Freeware programs enable computer users to create their signatures using the computer mouse. Computer generated graphic signatures are rapidly gaining acceptance for the execution of legally binding contracts.
Contracts can be signed using a mouse or another pointer device where the user moves the device in pen-like manner using either a JAVA programming language applet or an ActiveX component installed on a user's computer. At least two problems are associated with this approach.
Once the user finishes the digital signature, the JAVA program applet creates an image of the completed signature and stores it like a photo. The image is a does not allow for forensic examination of the digital signature. For example both, the spacing between the different curves of the signature becomes lost, and the exact sizing of each of the elements of the signature is lost. The precise location of curves of parts of the signature relative to other curves in the signature, and the size of the actual signature are lost.
The Windows operating system does not support JAVA unless the computer is specifically configured for JAVA. This means that most people using new Windows operating systems cannot use the JAVA system. Internet Explorer no longer comes with the JAVA Virtual Machine (JVM) installed on their newly purchased machines. Unless the user is technically savvy and able to install additional software, the user will be unable to use the current JAVA based application.
ActiveX component installation requires modification to the computer system registry and hence the user must have administrative privileges and skill in order to install it on a computer.
Both the JAVA programming applet and the ActiveX component are plug-ins that are downloaded to a user's computer. This renders the user's computer susceptible to from viruses and malicious code. Consequently, many corporate information technology organizations do not allow ActiveX controls to be downloaded and installed on corporate personal computers and have set browsers on the corporate computers to not run JAVA applets.
There is no encoding or serialization to associate the actual signature being checked with execution of a particular document. The current JAVA system does not distinguish if the signature being evaluated was executed on the correct document or a phony document. Clearly, neither fraud nor forgery can be detected using current systems.
Various systems have been proposed over the years for authenticating signatures. See for example, U.S. Published Patent Application 2005/0223234 to McOwan; U.S. Pat. No. 5,828,772 to Kashi; and U.S. Pat. No. 6,687,390 to Avni et al. None of the references known to the inventors solve all the problems of the prior art. For example, Avni '390 stores “position vectors” which are not used for the purposes of comparing the signature with a known sample to verify authenticity of a signature placed on a document. There is encoding and encrypting of any “position vectors” for verification of the documents.
Thus, the need exists for solutions to the above problems with the prior art.